On Tuesday 03 Dec 2002 1:07 am, Brian Parish wrote: > On Tue, 2002-12-03 at 01:59, magnet wrote: > > Hi all, > > Well back from the dead once again after another fresh install following > > a lost battle trying to get a firewall installed and working, damn that > > shorewall! > > > > Machine is running mdk 9.0. So here is my question... How do I manually > > configure my main machine to share it's modem connection to the other 5 > > machines on my LAN? > > > > This is my /etc/sysconfig/network file: > > > > NETWORKING=yes > > FORWARD_IPV4=true > > HOSTNAME=linux1.local.net > > DOMAINNAME=local.net > > GATEWAY=192.168.0.1 > > GATEWAYDEV=ppp0 > > > > The other machines are all using the 192.168.0.xxx range and all point to > > 192.168.0.1 as the gateway they should be using. > > > > I do NOT want to use the control centre because it demands installing > > shorewall, which has been the biggest problem of all here causing no end > > of trouble with blocked ports, breaking samba and ftp. I simple hate it > > and the documentation isn't simple enough for me to understand how to > > write iptables rules yet to achieve a fully secure machine. > > > > Hope some of you will take the time to offer some advice on this. > > > > regards > > magnet > > I too gave up on shorewall. Grab gShield. Every feature you could wish > for. Configured with a single simple conf file. > You be up an sharing in about 2 minutes - 5 if you read the fine print. > > HTH > Brian
Cheers Brian, but I tried the mandrake rpm files which failed, and then tried to compile gShield from source which also didn't go too well. Can you explain how you set your ICS up please. My current situation is shorewall is installed (by default as soon as I used MCC to enable internet sharing) but it set to not start up at boot in services. Did you uninstall shorewall completely and not use MCC to set-up/enable ICS and just depend on gShield to get the results you were after? If I enable it, then this system changes my static IP from the required 192.168.0.1 to 192.168.1.1. This then throws out the rest of the network for all the other stuff I am running (samba,ftp). Even though shorewall isn't running right now, it has killed proftpd, which cannot determine the IP of this machine and refuses to now start, even though ifconf confirms the IP to be 192.168.0.1. Squid also now complains on shutdown producing errors,although this doesn't seem to affect the machine's ability to reboot. regards magnet
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
